Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Windows Defender For Endpoint
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29800 1 Microsoft 1 Windows Defender For Endpoint 2024-11-21 N/A 4.7 MEDIUM
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.
CVE-2022-29799 1 Microsoft 1 Windows Defender For Endpoint 2024-11-21 N/A 5.5 MEDIUM
A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads to a directory traversal to escape from the “/etc/networkd-dispatcher” base directory.